If you're company does business in Connecticut, be aware of revised legislation imposing strict notification requirements in the event that your company experiences a data breach. Senate Bill 949, 'An Act Improving Data Security and Agency Effectiveness' makes changes to Connecticut's data breach notification law and was signed by Governor Dannel Malloy on June 30, 2015.

The new law requires that consumers be given notice no later than 90 days from the discovery of a breach. In addition, it requires at least one year of free identity theft protection services for victims of breaches involving Social Security Numbers.

Connecticut Atty. General, George Jepsen indicates that the 90 days is an "outside limit for notification, but does not in any way diminish my discretion to seek relief against companies who unduly delay notifying those whose data has been compromised or my office. We intend to continue to scrutinize breaches and to take enforcement action against companies who unreasonably delay notification – even if notification is provided less than 90 days after discovery of the breach."

"My office will continue to aggressively investigate these breaches and, where appropriate, take action when we feel that notification has not been reasonable or protections offered to consumers are not adequate," said Jepsen.

The information provided in these articles are only general descriptions and should not be relied upon as complete, correct or accurate for your specific situation. All coverage informaiton is subject to policy provisions, endorsements and may be subject to your meeting underwriting qualifications. Murphy Insurance Agency is not engaged in rendering legal, accounting or other noninsurance professional services. Consult an appropriate professional for advice regarding your own situation.